BTC Wires: Researchers from Duo Security have discovered a bot network that copies legit accounts on Twitter, and spreads a massive crypto “giveaway” scam.
The security firm analysed some 88 million account over the last 2 months, and used artificial learning algorithms to identify malicious bots on the platform.
Notably, the team discovered a network of over 15,000 bots structured to create fake altcoin giveaways, and the accounts further evolved with time as well in order to stay undetected. The team has described the workings of the network in a paper they’ll present at the 2018 Black Hat cybersecurity program, slated to be held next week on Wednesday.
To add to the problems, many such spoof accounts are followers of what experts have dubbed “hub accounts”. This is suspected to be done in order for the spoof accounts to appear legitimate.
The bot network also made use of “amplification bots”, which are essentially more fake accounts that serve artificially, boosting the popularity of the tweets from the spoof accounts, making their scams look proper by “liking” and commenting on the tweets.
The team has explained in the paper:
“[Searching for connected bots] resulted in a 3 tiered botnet structure consisting of the scam publishing bots, the hub accounts (if any) the bots were following, and the amplification bots that like each created tweet. The mapping shows that the amplification bots like tweets from both clusters, binding them together.”
Interestingly, the team discovered that these findings would facilitate them to locate all of the bots in a manner “that can result in the unraveling of the entire botnet.”
Twitter has been trying to shut down all discussions regarding such scams on its profile, but Duo maintains that their research proves the existence of such bots and networks and can be discovered by “straightforward analysis.”
“We don’t consider the problem solved,” they stated.
Duo now plans to explain the techniques in their paper, open source. They hope that these techniques will be further developed and therefore help identify more such bots, and Twitter and other social networks will stay “healthy”.
Leave a Comment